Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2007-2977

Malware in sbrugna...

10CVSS6.4AI score0.16769EPSS
Exploits0References5
NVD
NVDadded 2007/06/01 10:30 a.m.10 views

CVE-2007-2985

Pheap 2.0 allows remote attackers to bypass authentication by setting a pheaplogin cookie value to the administrator's username, which can be used to 1 obtain sensitive information, including the administrator password, via settings.php or 2 upload and execute arbitrary PHP code via an updatedoc...

10CVSS7.8AI score0.16769EPSS
Exploits0References4
Cvelist
Cvelistadded 2007/06/01 10:0 a.m.14 views

CVE-2007-2985

Pheap 2.0 allows remote attackers to bypass authentication by setting a pheaplogin cookie value to the administrator's username, which can be used to 1 obtain sensitive information, including the administrator password, via settings.php or 2 upload and execute arbitrary PHP code via an updatedoc...

7.8AI score0.16769EPSS
Exploits0References4
CVE
CVEadded 2007/06/01 10:0 a.m.39 views

CVE-2007-2985

CVE-2007-2985 affects Pheap 2.0. An attacker can bypass authentication by setting the pheap_login cookie to the administrator’s username, enabling (1) access to sensitive info, including the admin password via settings.php and (2) upload/execute arbitrary PHP code via the update_doc action in edi...

10CVSS7.8AI score0.16769EPSS
Exploits0References4Affected Software1
exploitpack
exploitpackadded 2007/05/30 12:0 a.m.11 views

Pheap 2.0 - config.php Pheap_Login Authentication Bypass

Pheap 2.0 - config.php PheapLogin Authentication Bypass source: https://www.securityfocus.com/bid/24227/info Pheap is prone to an authentication-bypass vulnerability due to a design error. An attacker can exploit this vulnerability to bypass authentication and execute arbitrary commands in the...

0.7AI score
Exploits0
Exploit DB
Exploit DBadded 2007/05/30 12:0 a.m.25 views

Pheap 2.0 - 'config.php' Pheap_Login Authentication Bypass

source: https://www.securityfocus.com/bid/24227/info Pheap is prone to an authentication-bypass vulnerability due to a design error. An attacker can exploit this vulnerability to bypass authentication and execute arbitrary commands in the context of the site administrator. !/usr/bin/php -q -d...

7.4AI score
Exploits0
seebug.org
seebug.orgadded 2007/05/29 12:0 a.m.10 views

Pheap 2.0 Admin Bypass / Remote Code Execution Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ?php / Explanation: The user verification routine used in most of the files is: include"lib/config.php"; if $COOKIE'pheaplogin' != $username header"Location: login.php"; else CONTINUE EXECUTING CODE So basically it's saying "I...

7.1AI score
Exploits0
0day.today
0day.todayadded 2007/05/29 12:0 a.m.14 views

Pheap 2.0 Admin Bypass / Remote Code Execution Exploit

Exploit for unknown platform in category web applications ====================================================== Pheap 2.0 Admin Bypass / Remote Code Execution Exploit ====================================================== !/usr/bin/php -q -d shortopentag=on ?php / Explanation: The user...

7.1AI score
Exploits0
Rows per page
Query Builder